
Backend Process for Contract Data Processing and Certification

Overview

This document outlines the backend processes involved in handling contract data, focusing on the flow of data storage, processing, and signature certification. It includes details about signature methods such as HSM (Hardware Security Module), AATL (Adobe Approved Trust List), and LTV (Long-Term Validation).

sequenceDiagram
    participant Signer
    participant System
    participant InternalDB as Internal Database
    participant atlassianAPI as Atlassian Database
    participant HSM
    participant AATL
    participant TSA as Timestamping Authority
    participant Stakeholders

    Note over Signer,System: Signing Procedure Begins
    Signer->>System: Provide Signature Data (Contract ID, Signer ID, OTP)
    System->>InternalDB: Fetch Metadata (Contract Hash, Signer Data, Attachments)
    System->>System: Verify Signer Credentials and Contract Signability
    System->>atlassianAPI: Fetch Contract HTML Content
    System->>System: Verify the downloaded HTML's hash with the stored hash
    System->>System: Embed Signer Details (Signatures, Field Values) into HTML
    System->>atlassianAPI: Store Updated Contract Data
    System->>HSM: Digitally Sign Contract PDF using Private Key
    HSM-->>System: Signed PDF
    System->>AATL: Validate Signature with Adobe Trust List
    AATL-->>System: Validation Successful
    System->>TSA: Timestamp the PDF (LTV)
    TSA-->>System: Timestamped PDF
    System->>InternalDB: Store Updated Files and Metadata
    System->>Stakeholders: Notify via Webhook and Email
    Note over Signer,System: Signing Procedure Complete

    Note over System: Data Storage
    System->>InternalDB: Store Contract Configuration Metadata, Audit Logs, Access Keys, Signer Metadata
    System->>atlassianAPI: Store Contract HTML Content, Generated PDFs

    Note over System: Signature Certification
    System->>HSM: Manage Private Key Storage for Secure Signing
    System->>AATL: Ensure Signatures use Trusted Certificate Chains
    System->>TSA: Append Timestamping and Validation Information

Step-by-Step Process for Data Handling

1. Data Storage

Description:
Contract metadata are stored in our database, while contract content is stored as Atlassian issue/page attachments.

  • Internal Database:

    • Content Stored:

      • Contract configuration metadata (e.g., signers' and watchers' PII).

      • Audit logs for all contract interactions and updates.

      • Access keys and signer-specific metadata.

  • Atlassian Attachments:

    • Content Stored:

      • Contract content in HTML format for editing.

      • Generated contract PDFs for final signing processing.

...

2. Data Processing

Description:
Contract data undergoes formatting and verification steps before being prepared for signature certification.

  • Steps:

    1. Fetch contract metadata from the database (content hash, signer data, attachments).

    2. Verify the contract's HTML content for consistency and integrity.

    3. Embed signer details (signature, field values) into the contract.

    4. Store updated contract HTML content and metadata as attachments.
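The integrity gate in step 2, as an added example that is not the product's own code: the HTML fetched from the attachment store is hashed and compared with the hash held in the internal database before signer details are embedded. SHA-256 hex digests and all function and field names here are assumptions.

```python
import hashlib
import hmac


class IntegrityError(Exception):
    """Raised when fetched contract HTML does not match the stored hash."""


def content_hash(html_bytes: bytes) -> str:
    # Hash the raw bytes exactly as downloaded; decoding or re-serializing
    # the HTML first could change the digest or hide a modification.
    return hashlib.sha256(html_bytes).hexdigest()  # SHA-256 is an assumption


def verify_contract_html(html_bytes: bytes, stored_hash) -> None:
    """Fail closed unless the downloaded HTML matches the stored hash."""
    expected = (stored_hash or "").strip().lower()
    # A missing or malformed stored hash is an error, never a pass.
    if len(expected) != 64 or any(c not in "0123456789abcdef" for c in expected):
        raise IntegrityError("stored content hash missing or malformed")
    # Constant-time comparison of the two hex digests.
    if not hmac.compare_digest(content_hash(html_bytes), expected):
        raise IntegrityError("contract HTML differs from stored hash")


def process_contract(metadata: dict, fetch_html, embed_signer_details) -> bytes:
    """Steps 2-3: verify the fetched HTML, then embed signer details."""
    html_bytes = fetch_html(metadata["attachment_id"])
    verify_contract_html(html_bytes, metadata.get("content_hash"))
    # Only verified content reaches the embedding step.
    return embed_signer_details(html_bytes, metadata["signer"])


# Constructed sample data for illustration (hypothetical field names).
SAMPLE_HTML = b"<html><body><p>Contract C-1</p></body></html>"
SAMPLE_METADATA = {
    "attachment_id": "att-1",
    "content_hash": content_hash(SAMPLE_HTML).upper(),  # stored in upper case
    "signer": "Signer One",
}


def embed_stub(html_bytes: bytes, signer: str) -> bytes:
    # Hypothetical stand-in for the real embedding step.
    return html_bytes.replace(b"</body>", b"<p>Signed: " + signer.encode() + b"</p></body>")


if __name__ == "__main__":
    print(process_contract(SAMPLE_METADATA, lambda _id: SAMPLE_HTML, embed_stub))
```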

...

3. Signature Certification

Description:
Digital signatures are certified through three mechanisms: HSM-backed signing, AATL certificate chains, and LTV timestamping.

  • Processes:

    1. HSM (Hardware Security Module):

      • Manages private key storage for secure signing operations.

      • Ensures the security of private keys by strictly confining them within its hardware boundaries.

    2. AATL (Adobe Approved Trust List):

      • Guarantees that signatures use trusted certificate chains validated by Adobe.

      • Ensures compatibility and trust in Adobe Acrobat and related software.

    3. LTV (Long-Term Validation):

      • Appends timestamping and validation information to ensure long-term validity of digital signatures.

      • Uses a trusted timestamping authority (e.g., DigiCert TSA).

...

4. Signing Procedure

Detailed Steps:

  1. Receive signature data, including the contract ID, signer ID, and OTP.

  2. Fetch associated metadata (e.g., contract hash, attachment IDs) from the database.

  3. Verify signer credentials and contract signability.

  4. Embed user signature and digital signature into HTML content.

  5. Digitally sign the contract PDF using Google Cloud HSM.

  6. Timestamp the PDF using a trusted timestamping authority.

  7. Append LTV information for future validation.

  8. Notify stakeholders via webhook and email about signing completion.